New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[SR] Switch to using random_bytes()
where available (built into php7)
#5813
Comments
There are two "issues" I could see in using paragonie/random_compat.
I would change the |
Both these suggestions seem reasonable to me. 👍
Looking at our (still imperfect) telemetry shows that the vast majority would benefit. And for the minority of php 5 users, nothing would change. |
A PR is available for review. Testing... hmmm... I wouldn't know how to test that. |
The PR changes the code as expected: First it tries to use |
Agreed 👍🏼 ...that's why we've introduced Telemetry for: to allow us to make the hard decisions while at the same time backing them with the appropriate data. At the time of writing, only 3% of sites report using php5. |
random_bytes()
(built into php7) + the random_compat polyfill for earlier versions of phprandom_bytes()
where available (built into php7)
...code looks good indeed 👍🏼 Thanks @indigoxela 🙏🏼 |
…random_bytes(). By @indigoxela, @kiamlaluno, and @klonos.
…random_bytes(). By @indigoxela, @kiamlaluno, and @klonos.
I don't see this as having any backwards-compatibility impact, since |
This issue is a spin-off of a discussion that started in #5812, and a task to crossport https://www.drupal.org/project/drupal/issues/2550519 that's planned for D7.
The text was updated successfully, but these errors were encountered: